Catalin Cimpanu reports: US Cyber Command has issued an alert via Twitter today about threat actors abusing an Outlook vulnerability to plant malware on government networks. The vulnerability is CVE-2017-11774, a security bug that Microsoft patched in Outlook in the October 2017 Patch Tuesday. Read more on ZDNet.
D-Link Agrees to Make Security Enhancements to Settle FTC Litigation
Smart home products manufacturer D-Link Systems, Inc., has agreed to implement a comprehensive software security program in order to settle Federal Trade Commission allegations over misrepresentations that the company failed to take reasonable steps to secure its wireless routers and Internet-connected cameras. The settlement ends FTC litigation against D-Link stemming from a 2017 complaint in…
Key Biscayne recovering from cyberattack after hackers hit a third city in Florida
Rob Wile reports: The village of Key Biscayne confirmed Thursday it had been hit by a cyberattack — the third Florida city this month to fall victim to outside hackers. Village Manager Andrea Agha said a “data security event” occurred Sunday, June 23. She said that some permitting operations were handled manually while some systems…
Billions of Records Including Passwords Leaked by Smart Home Vendor (Updated)
Sergiu Gatlan reports: A publicly accessible ElasticSearch cluster owned by Orvibo, a Chinese smart home solutions provider, leaked more than two billion user logs containing sensitive data of customers from countries all over the world. Orvibo provides its clients with smart solutions designed to help them manage houses, offices, and hotel rooms via smart systems…
Georgia court agency hacked in ransom attack
Mark Niesse reports: Hackers have infected computers at a Georgia courts agency, demanding a ransom payment and causing officials to shut down court websites. The Administrative Office of the Courts was offline Monday as the state government tried to contain the hack. The agency maintains court documents, provides computer applications to some local courts and…
UPDATE: Lake City fires employee after paying ransom in malware attack
WCJB reports: The city manager of Lake City, Joe Helfenberg confirmed that the director of information technology, Brian Hawkins, was fired. This decision comes after a “Triple Threat” cyber attack that disabled city servers, phones, and email that resulted in ransom. Lake City paid $460,000 in ransom for a cyber attack through the cyber cryptocurrency,…